PFCP¶
The Packet Forwarding Control Protocol PFCP is a protocol used for communication between the UPF and SMF (control plane) in 5G networks.
Before the UPF can start forwarding packets, it must be associated with the SMF, which then configures user sessions.
Only a single instance of this service is allowed to run across all namespaces.
To make use of the F-TEID allocation on the UPF, it is highly recommended
to configure at least one IP address with the n3-address leaf.
Note
The PFCP service requires at least one GTP interface in order to manage GTP-U tunnels. Refer to the GTP user guide.
Here is a basic configuration example where the PFCP service is configured with a gateway:
vsr> edit running
vsr running config# vrf main interface gtp gtp0 enabled true
vsr running config# vrf main pfcp enabled true
vsr running config# vrf main pfcp gtp-interface name gtp0 vrf main
vsr running config# vrf main pfcp heartbeat-period 3
vsr running config# vrf main pfcp heartbeat-grace-period 10
vsr running config# vrf main pfcp n3-address 10.100.0.2
vsr running config# vrf main pfcp n9-address 10.125.0.1
vsr running config# vrf main pfcp ueip ipv4-pool internet4 identity uev4 prefix 10.60.0.0/24
vsr running config# vrf main pfcp ueip ipv6-pool internet6 identity uev6 prefix fd00:60::/48
vsr running config# commit
Configuration committed.
To display the PFCP service state:
vsr running vrf main# show state pfcp
pfcp
enabled true
verbose false
address 10.175.0.2
heartbeat-period 3
heartbeat-grace-period 10
gtp-interface
name gtp0
vrf main
..
ueip
ipv4-pool internet4
identity uev4
prefix 10.60.0.0/24
..
..
ipv6-pool internet6
identity uev6
prefix fd00:60::/48
..
..
..
n3-address 10.100.0.2
n9-address 10.125.0.1
..
The same configuration can be made using this NETCONF XML configuration:
vsr running config# show config xml absolute vrf main pfcp
<config xmlns="urn:6wind:vrouter">
<vrf>
<name>main</name>
<pfcp xmlns="urn:6wind:vrouter/upf">
<enabled>true</enabled>
<verbose>true</verbose>
<address>10.175.0.2</address>
<heartbeat-period>3</heartbeat-grace-period>
<heartbeat-grace-period>10</heartbeat-grace-period>
<gtp-interface>
<name>gtp0</name>
<vrf>main</vrf>
</gtp-interface>
<ueip>
<ipv4-pool>
<dnn>internet4</dnn>
<identity>
<name>uev4</name>
<prefix>10.60.0.0/24</prefix>
</identity>
</ipv4-pool>
<ipv6-pool>
<dnn>internet6</dnn>
<identity>
<name>uev61</name>
<prefix>fd00:60::/48</prefix>
</identity>
</ipv6-pool>
</ueip>
<n3-address>10.100.0.2</n3-address>
<n9-address>10.125.0.1</n9-address>
</pfcp>
</vrf>
</config>
GTP resources allocation¶
Because the maximum number of GTP-U tunnels and associated resources cannot be increased without restarting the fast path, configuring upper limits may be necessary to meet the requirements of the target use case.
Please note that while it is possible to configure those parameters freely, limits on the number of GTP-U tunnels that can be processed at the same time will be enforced according to what is allowed in the product license.
This means that in the case more tunnels than what is allowed are created, no traffic will pass through the extra tunnels. Once the excess use comes to an end, traffic will be allowed to pass again through those tunnels.
The following items can be configured:
Maximum number of GTP interfaces (
gtp-max-if).At least one GTP inferface must be created and configured in order to route downlink MS traffic from a data network. More interfaces can be used to aggregate and manage groups of MS, combined with VRFs for example.
Maximum number of GTP-U tunnels the data plane can handle (
gtp-max-pdp).Each tunnel is represented by a PDP context. The number of contexts necessary for a given PDU session depends on the PFCP role defined for that session.
Although only one context is required when acting as a PDU session anchor (PSA, also known as “gateway”), two are required when acting as a relay. In other words, if all sessions are relayed,
gtp-max-pdpmust be at least twice the number of expected sessions.
Maximum number of packets to buffer per GTP-U tunnel (
gtp-max-pdp-buffer).Each tunnel can buffer a certain amount of packets. The maximum number of packets that can be buffered at the same time per GTP-U tunnel is specified by this item. This increases the fast path global packet pool by
gtp-max-pdp-buffer*gtp-max-pdppackets. So the fast path memory consumption increases consequently.
Maximum number of QoS flows that can be allocated globally (
gtp-qos-flow).Since 5G requires a minimum of one default QoS flow per PDU session, the recommended value is the same as for
gtp-max-pdp. Note that sessions often use more than one QoS flow though. 5G allows up to 63 QFIs per session.
Maximum number of QoS policies that can be allocated globally (
gtp-qos-policy).SDF filters are implemented as QoS policies, so each SDF filter defined for a PDU session needs one (two if relaying). If unsure, do not use a value lower than
gtp-max-pdp.
The following configuration example supports 32 GTP interfaces, 200000 PDP context and 800000 QoS flows. The number of QoS policies is the same as the number of QoS flows.
vsr> edit running
vsr running config# system fast-path limits gtp-max-if 32
vsr running config# system fast-path limits gtp-max-pdp 200000
vsr running config# system fast-path limits gtp-max-qos-flow 800000
vsr running config# system fast-path limits gtp-max-qos-policy 800000
vsr running config# commit
Configuration committed.
To display the usage state of set limits:
vsr running config# show fast-path table-usage | match gtp
gtp-if 1/16
gtp-pdp 0/16
gtp-qos-flow 0/32
gtp-qos-policy 0/32
vsr running config# show state system fast-path limits | match gtp
gtp-cur-if 1
gtp-cur-pdp 0
gtp-cur-qos-flow 0
gtp-cur-qos-policy 0
gtp-max-if 16
gtp-max-pdp 16
gtp-max-pdp-buffer 16
gtp-max-qos-flow 32
gtp-max-qos-policy 32
The following configuration can be made using this NETCONF XML configuration:
vsr running config# show config xml system fast-path limits
<limits xmlns="urn:6wind:vrouter/fast-path">
<gtp-max-if>32</gtp-max-if>
<gtp-max-pdp>200000</gtp-max-pdp>
<gtp-max-qos-flow>800000</gtp-max-qos-flow>
<gtp-max-qos-policy>800000</gtp-max-qos-policy>
</limits>
See also
The PFCP command reference for the complete list of supported options.
Listing SMF entities associated with the PFCP service¶
The SMF peers associated with the PFCP service, the features they support, their set identifier, latest heartbeat update, and the alternative SMF peers to contact when they fail can be listed with the following command:
vsr> show pfcp smf
SMF IP address Starting time Features SMF ID Latest heartbeat Alternative SMF IPs
============== ============= ======== ====== ================ ===================
10.175.0.10 2025-01-23 10:21:25 UTC+01:00 MPAS MY_MPAS 0s ago 10.175.0.11
10.175.0.11 2025-01-23 10:21:27 UTC+01:00 MPAS MY_MPAS 1s ago
10.175.0.12 2025-01-23 10:21:30 UTC+01:00 MPAS MY_MPAS 1s ago
See also
The command reference for details.
Listing PFCP peers¶
The PFCP peers the service is aware of through the heartbeats they send can be listed with the following command:
vsr> show pfcp peer
Peer IP address Starting time Latest heartbeat Associated
=============== ============= ================ ==========
10.175.0.10 2025-01-23 10:21:25 UTC+01:00 3s ago Yes
10.175.0.11 2025-01-23 10:21:27 UTC+01:00 3s ago Yes
10.175.0.12 2025-01-23 10:21:30 UTC+01:00 0s ago Yes
See also
The command reference for details.
Listing PFCP GTP peers¶
The PFCP GTP peer information that the service is monitoring can be listed with the following command:
vsr> show pfcp gtp-peer
Address Age Last echo handled Last echo sent Attempt Completed Failed
======= === ================= ============== ======= ========= ======
10.125.0.2 62 2 1 0 6 0
10.100.0.1 62 5 3 2 5 1
See also
The command reference for details.
Display PFCP service packet statistics¶
Several counters associated with the processing of PFCP packets, dataplane notifications and error cases can be found using the following command:
vsr> show pfcp statistics
show-pfcp-statistics
rx-packets 7
cp-f-seid-collisions 0
rx-unsupported-packets 0
rx-error-indication 0
rx-threshold 0
rx-quota 0
rx-buffering 0
rx-report-errors 0
tx-packets 7
tx-errors 0
tx-first-report 0
tx-report-resend 0
tx-report-unacked 0
rpc-errors 0
peer-restart 0
no-association 0
association-created 0
association-released 0
association-updated 0
alternative-smf-selected 0
redirection-requested 0
session-created 0
session-modified 0
session-deleted 0
rx-session-deletion-requests 0
rx-session-deletion-request-errors 0
tx-session-deletion-responses 0
tx-session-deletion-response-errors 0
rx-echo-requests 0
rx-echo-request-errors 0
tx-echo-responses 0
tx-echo-response-errors 0
tx-echo-requests 0
tx-echo-request-errors 0
rx-echo-responses 0
rx-echo-response-errors 0
rx-echo-response-timeouts 0
tx-node-reports 0
rx-node-report-errors 0
..
See also
The command reference for details.